September 11, 2019 Roberto Puzzanghera0 comments
Tired of the nightmares of remotely compiling the kernel with
Linux-VServer, a software that I'm pleased with despite of some lack of documentation, these days I was playing with
LXC, which is included and supported by
Slackware and for which the
Linux kernel doesn't need any patching because it already embeds the hacks for LXC containers.
To convert an existing
Linux-VServer container in a (eventually unprivileged)
LXC container you can follow these steps. I assume that you already know how to create an
LXC container; in case you are interested in unprivileged containers take a look to the excellent Chris Willing's guide (a big thanks to him) linked below.
In the following
/vservers is the directory where your
Linux-VServer containers are stored, while
/lxc is the directory with your
LXC ones (this directory would be
/var/lib/lxc by default).
First of all prepare the directory which will host the container
Copy your existing
Linux-VServer container (assuming that its name is "test") in the
cp -rp /vservers/test /lxc/test/rootfs
Now we have to
The last two steps are just in case of unprivileged containers.
Concerning the configuration, we'll use a script like convert-vserver.sh, which I derived from the
Slackware's template from Matteo Bernardini, which comes with
Download and execute:
wget https://notes.sagredo.eu/files/linux-vserver/convert-vserver.sh chmod +x convert-vserver.sh ./convert-vserver.sh -n test
Once the script was executed with no errors, if the container is supposed to be unprivileged, adjust the config and log files privileges as follows (I assume that
lxc is the user which runs the container):
touch /lxc/test/test.log chown lxc:users /lxc/test /lxc/test/config /lxc/test/test.log
where the name of the log file is of course the same as the container's name.
Finally, since my container had to be unprivileged, I had to remap its uids & gids according to the Chris Willing's guide:
container-userns-convert test 100000
apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver lxc mariadb mediawiki mozilla mysql owncloud patches php proftpd qmail qmailadmin rbl roundcube rsync sieve simscan slackware spamassassin spf ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin